SLAAE29A January   2023  â€“ December 2025 MSPM0C1105 , MSPM0C1106 , MSPM0G1105 , MSPM0G1106 , MSPM0G1107 , MSPM0G1505 , MSPM0G1506 , MSPM0G1507 , MSPM0G1518 , MSPM0G1519 , MSPM0G3105 , MSPM0G3106 , MSPM0G3106-Q1 , MSPM0G3107 , MSPM0G3107-Q1 , MSPM0G3505 , MSPM0G3506 , MSPM0G3506-Q1 , MSPM0G3507 , MSPM0G3507-Q1 , MSPM0G3518 , MSPM0G3518-Q1 , MSPM0G3519 , MSPM0G3519-Q1 , MSPM0L1105 , MSPM0L1106 , MSPM0L1227 , MSPM0L1227-Q1 , MSPM0L1228 , MSPM0L1228-Q1 , MSPM0L1303 , MSPM0L1304 , MSPM0L1304-Q1 , MSPM0L1305 , MSPM0L1305-Q1 , MSPM0L1306 , MSPM0L1306-Q1 , MSPM0L1343 , MSPM0L1344 , MSPM0L1345 , MSPM0L1346 , MSPM0L2227 , MSPM0L2227-Q1 , MSPM0L2228 , MSPM0L2228-Q1

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Introduction
    1. 1.1 Key Concepts
    2. 1.2 Goals of Cybersecurity
    3. 1.3 Platform Security Enablers
  5. 2Device Security Model
    1. 2.1 Device Identity
    2. 2.2 Initial Conditions at Boot
    3. 2.3 Boot Configuration Routine (BCR)
    4. 2.4 Bootstrap Loader (BSL)
    5. 2.5 Boot Flow
    6. 2.6 User-Specified Security Policies
      1. 2.6.1 Boot Configuration Routine (BCR) Policies
        1. 2.6.1.1 Serial Wire Debug Related Policies
          1. 2.6.1.1.1 SWD Security Level 0
          2. 2.6.1.1.2 SWD Security Level 1
          3. 2.6.1.1.3 SWD Security Level 2
        2. 2.6.1.2 Bootstrap Loader (BSL) Enable/Disable Policy
        3. 2.6.1.3 Flash Memory Protection and Integrity Related Policies
          1. 2.6.1.3.1 Locking the Application (MAIN) Flash Memory
          2. 2.6.1.3.2 Locking the Configuration (NONMAIN) Flash Memory
          3. 2.6.1.3.3 Verifying Integrity of Application (MAIN) Flash Memory
        4. 2.6.1.4 Bootstrap Loader (BSL) Security Policies
          1. 2.6.1.4.1 BSL Access Password
          2. 2.6.1.4.2 BSL Read-out Policy
          3. 2.6.1.4.3 BSL Security Alert Policy
      2. 2.6.2 Customer Secure Code (CSC) Security Policies
        1. 2.6.2.1 CSC Enforced Bankswap
        2. 2.6.2.2 CSC Enforced Firewalls
        3. 2.6.2.3 CSC Key Write to KEYSTORE
      3. 2.6.3 Configuration Data Error Resistance
        1. 2.6.3.1 CRC-Backed Configuration Data
        2. 2.6.3.2 16-bit Pattern Match for Critical Fields
  6. 3Secure Boot
    1. 3.1 Secure Processing Environment Isolation
    2. 3.2 Customer Secure Code (CSC)
      1. 3.2.1 Secure Boot Flow
      2. 3.2.2 Flash Memory Map
      3. 3.2.3 Features
        1. 3.2.3.1 CMAC Acceleration
        2. 3.2.3.2 Asymmetric Verification
        3. 3.2.3.3 KEYSTORE and Firewall
        4. 3.2.3.4 CSC Performance
      4. 3.2.4 Quick Start Guide
        1. 3.2.4.1 Environment Setup
        2. 3.2.4.2 Step by Step Guidance
        3. 3.2.4.3 CSC NONMAIN Configuration
        4. 3.2.4.4 Customize Changes on CSC Example
    3. 3.3 Boot Image Manager (BIM)
      1. 3.3.1 Secure Boot Flow
      2. 3.3.2 Flash Memory Map
      3. 3.3.3 Quick Start Guide
  7. 4Secure Storage
    1. 4.1 Flash Write Protection
    2. 4.2 Flash Read-Execute Protection
    3. 4.3 Flash IP Protection
    4. 4.4 Data Bank Protection
    5. 4.5 Secure Key Storage
    6. 4.6 SRAM Protection
    7. 4.7 Hardware Monotonic Counter
  8. 5Cryptographic Acceleration
    1. 5.1 Hardware AES Acceleration
      1. 5.1.1 AES
      2. 5.1.2 AESADV
    2. 5.2 Hardware True Random Number Generator (TRNG)
  9. 6FAQ
  10. 7Summary
  11. 8References
  12. 9Revision History

1.3 Platform Security Enablers

The security enablers included in MSPM0 devices are given inTable 1-2. The debug security features andmain flash memory integrity verification feature could be found in NONMAIN Layout Types and NONMAIN Registers sections in device series technical reference manual. And the secure boot, secure storage and cryptographic accelerators features could be found in device specific datasheet.

Table 1-2 MSPM0 MCU Platform Security Enablers
Security Enabler Device Feature M0C1103/4 M0C1105/6 M0L1x0x/M0L134x M0G110x M0G3x0x/M0G150x M0H321x M0L111x M0Lx22x M0Gx51x
Debugging security Password authenticated debug access Hashed Yes Yes Yes Hashed Hashed Hashed Hashed
Password authenticated bootstrap loader access No ROM BSL No ROM BSL Yes Yes Yes No ROM BSL Hashed Hashed Hashed
Password authenticated main flash memory mass erase Hashed Yes Yes Yes Hashed Hashed Hashed Hashed
Password authenticated complete factory reset Hashed Yes Yes Yes Hashed Hashed Hashed Hashed
TI failure analysis (FA) enable/disable Yes Yes Yes Yes Yes Yes Yes Yes
Complete hardware disable of serial wire debug (SWD) interface Yes Yes Yes Yes Yes Yes Yes Yes Yes
Permanently lockable device configuration data Yes Yes Yes Yes Yes Yes Yes Yes Yes
Error resistant device configuration data Yes Yes Yes Yes Yes Yes Yes Yes
Passwords are stored in hashed form only (SHA2-256) Yes Yes Yes Yes Yes
Secure boot CSC Exists Yes Yes Yes Yes Yes
Permanently lockable main flash memory Yes Yes Yes Yes Yes Yes Yes Yes Yes
CRC-32 verified main flash region Yes Yes Yes Yes Yes Yes Yes Yes
SHA2-256 verified main flash memory region Yes Yes Yes Yes Yes
Single point of entry to main flash application at boot Yes Yes Yes Yes Yes Yes Yes Yes Yes
Asymmetric firmware image authentication routines (ECDSA with P-256, SHA2-256 based on software) Yes Yes Yes Yes Yes Yes Yes Yes
Symmetric firmware image authentication routines (AES-CMAC based on hardware) Yes Yes Yes
Lockable flash for ECDSA public key revocation and rollback protection Yes Yes Yes Yes Yes
SRAM write-execute mutual exclusion (W^X) boundary Yes Yes Yes Yes Yes Yes Yes Yes
Secure Storage Flash write protection firewall Yes Yes Yes Yes Yes
Flash read/execute (RX) protection firewall Yes Yes Yes Yes Yes
Flash IP protection area (execute only, no read access) Yes Yes Yes Yes Yes
Flash bank write-execute mutual exclusion (W^X) Yes Yes Yes
Data bank write read protection Yes
Key store (up to four 128-bit keys or two 256-bit keys, plus a session key) Yes Yes Yes
Hardware monotonic counter Yes Yes
Cryptographic acceleration True random number generator (TRNG) with self-test Yes Yes Yes Yes
Basic AES accelerator (without GCM/CMAC/GHASH support) Yes Yes Yes Yes
Advanced AES accelerator (with GCM/CMAC/GHASH support) Yes Yes Yes
Device identity Unique device identifier (96-bit) Yes Yes Yes Yes Yes Yes Yes Yes Yes

Certifications

 ARM PSA Level

L1

Planned

L1

Planned

L1

L1

Planned
EVITA capability EVITA-Light EVITA-Light EVITA-Light EVITA-Light
ISO 21434 process compliant Planned Planned
Attack Resistance Analysis 3P firmware vulnerability analysis Yes Yes Yes Yes
Boot configuration routine fault injection attack countermeasures Yes Yes Yes Yes